C. Scott Ananian wrote: > It should be noted that trusting the CRC32 to validate the file contents is > insecure -- but IIRC the security of the update scheme relies on other > signatures (probably still unimplemented -- do you know anything about that, > Michael?) so you shouldn't have to worry about it during download.
I have some preliminary thoughts written up on the subject about which I am quietly seeking advice from a variety of people including yourself and which I intend to publish when I am more satisfied with my writing and my thinking. Michael P.S. - Does anyone know of any other folks out there actively working on similar problems? _______________________________________________ Sugar-devel mailing list Sugar-devel@lists.sugarlabs.org http://lists.sugarlabs.org/listinfo/sugar-devel